3035 matches found
Post Grid <= 2.2.50 - Information Exposure via REST API
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid Combo – 36+ Gutenberg Blocks.This issue affects Post Grid Combo – 36+ Gutenberg Blocks: from n/a through 2.2.50. id: CVE-2023-40211 info: name: Post Grid = 2.2.50 - Information Exposure via REST API...
Essential Grid <= 3.1.0 - Cross-Site Scripting
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability in ThemePunch OHG Essential Grid plugin = 3.1.0 versions. id: CVE-2023-47684 info: name: Essential Grid = 3.1.0 - Cross-Site Scripting author: 0xpugal severity: medium description: | Unauthenticated Reflected Cross-Site Scripting XS...
Important: Red Hat Security Advisory: Red Hat Data Grid 8.6.1 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
CVE-2026-49490
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
CVE-2026-49490
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
CVE-2026-49490
OpenCATS (version 0.9.1a) contains an SQL injection in DataGrid filter handling for the Tags column in the Candidates DataGrid. The vulnerability can be exploited by authenticated attackers who manipulate filter requests to bypass column filter restrictions and execute arbitrary SQL queries again...
CVE-2026-49490
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
CVE-2026-49490 OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
EUVD-2026-33502
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
CVE-2026-49489
OpenCATS up to version 0.9.7.4 is affected by an SQL injection in the DataGrid sortDirection parameter, enabling an authenticated user to exfiltrate data via ajax/getDataGridPager.php. The underlying issue is a vulnerable sortDirection parameter that allows time-based blind injections, potentiall...
EUVD-2026-33501
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...
CVE-2026-49489 OpenCATS - SQL Injection in DataGrid sortDirection Parameter
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php to perform...
OpenCats SQL注入漏洞
OpenCats is an open-source recruitment process management system developed by OpenCats. Version OpenCATS 0.9.1a contains a SQL injection vulnerability. This vulnerability stems from SQL injections in the DataGrid filter processing. It may allow authenticated attackers to bypass column filtering...
PT-2026-45192
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable restrictions by...
RUSTSEC-2026-0151 Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms
On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...
Out-of-bounds writes due to integer overflow in jxl-grid on 32-bit platforms
On 32-bit platforms, decoding a crafted image may lead to out-of-bounds writes due to integer overflow in length calculation. This could allow arbitrary code execution. Details & PoC The test listed below fail under miri with command cargo +nightly miri test --release -p jxl-grid Or you can use...
Relative Path Traversal
Overview org.apache.ignite:ignite-core is a memory-centric distributed database, caching, and processing platform for transactional, analytical, and streaming workloads delivering in-memory speeds at petabyte scale. Affected versions of this package are vulnerable to Relative Path Traversal via t...
CVE-2026-49054
Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...
CVE-2026-49054 WordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...
CVE-2026-49054 WordPress The Post Grid plugin <= 7.9.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Mamunur Rashid The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Post Grid: from n/a through 7.9.2...